fully working refresh tokens. No more expiring :)

backend/auth/handler.go

@@ -36,6 +36,14 @@ type codeReturn struct {
 	Refresh string `json:"refresh"`
 }
 
+type refreshBody struct {
+	Refresh string `json:"refresh"`
+}
+
+type refreshReturn struct {
+	Access string `json:"access"`
+}
+
 func (h *AuthHandler) login(body loginBody, w http.ResponseWriter, r *http.Request) {
 	err := h.auth.CreateCode(body.Email)
 	if err != nil {
@@ -78,6 +86,22 @@ func (h *AuthHandler) code(body codeBody, w http.ResponseWriter, r *http.Request
 	middleware.WriteJsonOrError(h.logger, codeReturn, w)
 }
 
+func (h *AuthHandler) refresh(body refreshBody, w http.ResponseWriter, r *http.Request) {
+	userId, err := h.jwtManager.GetUserIdFromRefresh(body.Refresh)
+	if err != nil {
+		middleware.WriteErrorBadRequest(h.logger, "invalid refresh token: "+err.Error(), w)
+		return
+	}
+
+	access := h.jwtManager.CreateAccessToken(userId)
+
+	refreshReturn := refreshReturn{
+		Access: access,
+	}
+
+	middleware.WriteJsonOrError(h.logger, refreshReturn, w)
+}
+
 func (h *AuthHandler) CreateRoutes(r chi.Router) {
 	h.logger.Info("Mounting auth router")
 
@@ -86,6 +110,7 @@ func (h *AuthHandler) CreateRoutes(r chi.Router) {
 
 		r.Post("/login", middleware.WithValidatedPost(h.login))
 		r.Post("/code", middleware.WithValidatedPost(h.code))
+		r.Post("/refresh", middleware.WithValidatedPost(h.refresh))
 	})
 }